<?
include '../inc-config.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add Comment</title>
<link rel='stylesheet' href='style.css' type='text/css'>
<style type="text/css">
<!--
body {
	background-color: #000000;
	background-image: url(../images/alliance-tile.jpg); background-repeat:repeat-x;
}
body,td,th {
	color: #CC9900;
	font-family: Arial, Helvetica, sans-serif;
	font-size: 13px;
}
a:link {
    color:#CC9900; 
	
	
}
a:visited {
    color:#CC9900;
	
}
a:hover {
    color:#ffffff;
}
a:active {
    color:#FF0000;

	
}
input { background:transparent; background-image:url(../images/transp.png); color:#FFFFFF; border: 1px solid #333333}
select { background-color:#000000; color:#FFFFFF; border: 1px solid #333333}
textarea { background-color:#000000; color:#FFFFFF; border: 1px solid #333333}

-->
</style></head>

<body>

<center>
<?PHP
$user = $_SESSION['user'];
$GetUserInfo = "SELECT * FROM b_users a, b_templates b WHERE b.templateid=a.templateclass AND a.username = '$user'";
$GetUserInfo2 = mysql_query($GetUserInfo, $forum) or die("Could not get user info");
$GetUserInfo3 = mysql_fetch_array($GetUserInfo2);
$templateclass = "default";
if(!isset($_GET['news']))
{
	die("<table class='maintable'><tr class='headline'><td><center><strong>Error</strong></center></td></tr><tr class='forumrow'><td><center>No News selected.</center></td></tr></table>");
} 
$news = $_GET['news'];
$s = $_SERVER["REMOTE_ADDR"];
$checkip = "SELECT * FROM b_banip WHERE ip = '$s'";
$checkip2 = mysql_query($checkip, $forum) or die("Could not get IPs");
$checkip3 = mysql_fetch_array($checkip2);
if($checkip3)
{
	die("<br><br><br><br><table class='maintable'><tr class='headline'><td><center><strong>New Comment Failed</strong></center></td></tr><tr class='forumrow'><td><center>Your IP was banned from posting! Go away!</center></td></tr></table>");
}

if (isset($_SESSION['user']) || $guestposting)
{
	$user = $_SESSION['user'];
	$getid = "SELECT * FROM b_users WHERE username = '$user'";
	$getid2 = mysql_query($getid, $forum) or die("could not get user");
	$getid3 = mysql_fetch_array($getid2);

	$getforuminfo = "SELECT * FROM b_forums WHERE ID = '$forumID'";
	$getforuminfo2 = mysql_query($getforuminfo, $forum) or die("Could not get forum info");
	$getforuminfo3 = mysql_fetch_array($getforuminfo2);
	if(!$_SESSION['user'])
	{
		$getid3[status]=-1;
	}

	if($getid3[banned] == "Yes")
	{
		die("<br><br><br><br><table class='maintable'><tr class='headline'><td><center><strong>New Comment Failed</strong></center></td></tr><tr class='forumrow'><td><center>You have been banned from posting</center></td></tr></table>");
	} 
 
	if(isset($_POST['reply']))
	{
		if(!$_POST['name'] || !$_POST['post'])
		{
			print "<table>";
			print "<tr class='headline'><td><center><strong>Reply Failed</strong></center></td></tr>";
			print "<tr class='forumrow'><td><center>";
			print "One of the required fields was not filled in, please go back and try again.";
			print "</td></tr></table>";
		}
		else
		{
			$name = $getid3[username];      
			$post = $_POST['post'];

			$title = $_POST['title']; 
			$datepost = date("j M Y g:i a");
			$timepost = date("YnjHis") ;
			if(!$_SESSION['user'])
			{
				$user = "Guest";
			}
			$threadparent = $_POST['threadparent'];
			$name = htmlspecialchars($name);
			$title = htmlspecialchars($title);
			$post2 = strip_tags($post,'<p><a><b><i><img><u><font>[url][img][URL][IMG][FONT][font]<sub><sup><span><li><size>[list][o][size][s][mail]');
			$post = wordwrap($post2, 40, " ", true);
			
			//********************
			$honor = $GetUserInfo3[honours]+1; print "Rep gained: 1. Status: $honor.";
			$adding = "UPDATE b_users SET honours='$honor' WHERE username='$user'";
			mysql_query($adding, $forum) or die(mysql_error());
			//********************
			
			$posting="INSERT INTO b_comments (poster, content, newsid, timepost, datepost ) values ('$name', '$post', '$news', '$timepost', '$datepost')";
			mysql_query($posting, $forum) or die("could not post");

			if($_SESSION['user'])
			{
				$timenow=date("U");
				$updateuser="UPDATE b_users SET Posts=Posts+1, lastposttime='$timenow' WHERE username='$user'";
				mysql_query($updateuser, $forum) or die("COuld not update numposts");
			}
			print "<table>";
			print "<tr><td><center><strong>Adding Comment Successfull</strong></center></td></tr>";
			print "<tr class='forumrow'><td><center>";
			print "Thanks for posting. Redirecting index. <META HTTP-EQUIV = 'Refresh' Content = '1; URL =../home.php'>";
			print "</td></tr></table>";
		}
	}
	else
	{
		print "<br><br><br><br><table style='border: 1px solid #000000; background-image: url(../images/transp.png)'>";
		print "<tr><td style='background-image: url(../images/transpblack.png)'><center><strong>Add Comment</strong></center></td></tr>";
		print "<tr><td><center>";
		print "<table border='0'>";
		print "<tr><td>";
		print "<form action='addcomment.php?news=$news' method='post' name='form'>";
		if(!$_SESSION['user'])
		{
			$getguest="SELECT * FROM b_users WHERE username='Guest'";
			$getguest2=mysql_query($getguest) or die(mysql_error());
			$getguest3=mysql_fetch_array($getguest2);
			print "<input type='hidden' name='name' value='$getguest3[userID]'>";
			print "<b>Name:</b> Guest<br><br>";
		}
		else
		{    
			print "<input type='hidden' name='name' value=$getid3[userID]>";
			print "<b>Name:</b> $user<br><br>";
		}  
		print "<input type='hidden' name='news' value=$news>";
		print "<b>Message: (html off, BBCode off)</b><br>";

		print "<textarea rows='12' name='post' cols='45' id='7'></textarea><br><br>";
		print "<input type='submit' name='reply' value='Add Comment'>";
		print "</form>";
		print "</td></tr></table></td></tr></table>";  
	}
}
else
{
  print "<br><br><br><br><table  style='border: 1px solid #000000; background-image: url(../images/transp.png)'>";
  print "<tr><td  style='background-image: url(../images/transpblack.png)'><center><strong>Posting Comment Failed</strong></center></td></tr>";
  print "<tr class='forumrow'><td><center>";
  print "Not logged in, please <A href='../forum/login.php'>go here</a> to log in";
  print "</td></tr></table>";
}
 
?>
</td>
</tr>
</table>
</center>
</body>
</html>  